---
title: Getting Started with Datadog
description: Datadog, the leading service for cloud-scale monitoring.
breadcrumbs: Docs > Infrastructure > Datadog Resource Catalog
---

# gcp_storage_bucket{% #gcp_storage_bucket %}

## `acl`{% #acl %}

**Type**: `UNORDERED_LIST_STRUCT`**Provider name**: `acl`**Description**: Access controls on the bucket.

- `bucket`**Type**: `STRING`**Provider name**: `bucket`**Description**: The name of the bucket.
- `domain`**Type**: `STRING`**Provider name**: `domain`**Description**: The domain associated with the entity, if any.
- `email`**Type**: `STRING`**Provider name**: `email`**Description**: The email address associated with the entity, if any.
- `entity`**Type**: `STRING`**Provider name**: `entity`**Description**: The entity holding the permission, in one of the following forms: - user-userId - user-email - group-groupId - group-email - domain-domain - project-team-projectId - allUsers - allAuthenticatedUsers Examples: - The user [liz@example.com](mailto:liz@example.com) would be [user-liz@example.com](mailto:user-liz@example.com). - The group [example@googlegroups.com](mailto:example@googlegroups.com) would be [group-example@googlegroups.com](mailto:group-example@googlegroups.com). - To refer to all members of the Google Apps for Business domain example.com, the entity would be domain-example.com.
- `entity_id`**Type**: `STRING`**Provider name**: `entityId`**Description**: The ID for the entity, if any.
- `etag`**Type**: `STRING`**Provider name**: `etag`**Description**: HTTP 1.1 Entity tag for the access-control entry.
- `id`**Type**: `STRING`**Provider name**: `id`**Description**: The ID of the access-control entry.
- `kind`**Type**: `STRING`**Provider name**: `kind`**Description**: The kind of item this is. For bucket access control entries, this is always storage#bucketAccessControl.
- `project_team`**Type**: `STRUCT`**Provider name**: `projectTeam`**Description**: The project team associated with the entity, if any.
  - `project_number`**Type**: `STRING`**Provider name**: `projectNumber`**Description**: The project number.
  - `team`**Type**: `STRING`**Provider name**: `team`**Description**: The team.
- `role`**Type**: `STRING`**Provider name**: `role`**Description**: The access permission for the entity.
- `self_link`**Type**: `STRING`**Provider name**: `selfLink`**Description**: The link to this access-control entry.

## `ancestors`{% #ancestors %}

**Type**: `UNORDERED_LIST_STRING`

## `autoclass`{% #autoclass %}

**Type**: `STRUCT`**Provider name**: `autoclass`**Description**: The bucket's Autoclass configuration.

- `enabled`**Type**: `BOOLEAN`**Provider name**: `enabled`**Description**: Whether or not Autoclass is enabled on this bucket
- `toggle_time`**Type**: `TIMESTAMP`**Provider name**: `toggleTime`**Description**: A date and time in RFC 3339 format representing the instant at which "enabled" was last toggled.

## `billing`{% #billing %}

**Type**: `STRUCT`**Provider name**: `billing`**Description**: The bucket's billing configuration.

- `requester_pays`**Type**: `BOOLEAN`**Provider name**: `requesterPays`**Description**: When set to true, Requester Pays is enabled for this bucket.

## `cors`{% #cors %}

**Type**: `UNORDERED_LIST_STRUCT`**Provider name**: `cors`**Description**: The bucket's Cross-Origin Resource Sharing (CORS) configuration.

- `max_age_seconds`**Type**: `INT32`**Provider name**: `maxAgeSeconds`**Description**: The value, in seconds, to return in the Access-Control-Max-Age header used in preflight responses.
- `method`**Type**: `UNORDERED_LIST_STRING`**Provider name**: `method`**Description**: The list of HTTP methods on which to include CORS response headers, (GET, OPTIONS, POST, etc) Note: "*" is permitted in the list of methods, and means "any method".
- `origin`**Type**: `UNORDERED_LIST_STRING`**Provider name**: `origin`**Description**: The list of Origins eligible to receive CORS response headers. Note: "*" is permitted in the list of origins, and means "any Origin".
- `response_header`**Type**: `UNORDERED_LIST_STRING`**Provider name**: `responseHeader`**Description**: The list of HTTP headers other than the simple response headers to give permission for the user-agent to share across domains.

## `custom_placement_config`{% #custom_placement_config %}

**Type**: `STRUCT`**Provider name**: `customPlacementConfig`**Description**: The bucket's custom placement configuration for Custom Dual Regions.

- `data_locations`**Type**: `UNORDERED_LIST_STRING`**Provider name**: `dataLocations`**Description**: The list of regional locations in which data is placed.

## `default_event_based_hold`{% #default_event_based_hold %}

**Type**: `BOOLEAN`**Provider name**: `defaultEventBasedHold`**Description**: The default value for event-based hold on newly created objects in this bucket. Event-based hold is a way to retain objects indefinitely until an event occurs, signified by the hold's release. After being released, such objects will be subject to bucket-level retention (if any). One sample use case of this flag is for banks to hold loan documents for at least 3 years after loan is paid in full. Here, bucket-level retention is 3 years and the event is loan being paid in full. In this example, these objects will be held intact for any number of years until the event has occurred (event-based hold on the object is released) and then 3 more years after that. That means retention duration of the objects begins from the moment event-based hold transitioned from true to false. Objects under event-based hold cannot be deleted, overwritten or archived until the hold is removed.

## `default_object_acl`{% #default_object_acl %}

**Type**: `UNORDERED_LIST_STRUCT`**Provider name**: `defaultObjectAcl`**Description**: Default access controls to apply to new objects when no ACL is provided.

- `bucket`**Type**: `STRING`**Provider name**: `bucket`**Description**: The name of the bucket.
- `domain`**Type**: `STRING`**Provider name**: `domain`**Description**: The domain associated with the entity, if any.
- `email`**Type**: `STRING`**Provider name**: `email`**Description**: The email address associated with the entity, if any.
- `entity`**Type**: `STRING`**Provider name**: `entity`**Description**: The entity holding the permission, in one of the following forms: - user-userId - user-email - group-groupId - group-email - domain-domain - project-team-projectId - allUsers - allAuthenticatedUsers Examples: - The user [liz@example.com](mailto:liz@example.com) would be [user-liz@example.com](mailto:user-liz@example.com). - The group [example@googlegroups.com](mailto:example@googlegroups.com) would be [group-example@googlegroups.com](mailto:group-example@googlegroups.com). - To refer to all members of the Google Apps for Business domain example.com, the entity would be domain-example.com.
- `entity_id`**Type**: `STRING`**Provider name**: `entityId`**Description**: The ID for the entity, if any.
- `etag`**Type**: `STRING`**Provider name**: `etag`**Description**: HTTP 1.1 Entity tag for the access-control entry.
- `generation`**Type**: `STRING`**Provider name**: `generation`**Description**: The content generation of the object, if applied to an object.
- `id`**Type**: `STRING`**Provider name**: `id`**Description**: The ID of the access-control entry.
- `kind`**Type**: `STRING`**Provider name**: `kind`**Description**: The kind of item this is. For object access control entries, this is always storage#objectAccessControl.
- `object`**Type**: `STRING`**Provider name**: `object`**Description**: The name of the object, if applied to an object.
- `project_team`**Type**: `STRUCT`**Provider name**: `projectTeam`**Description**: The project team associated with the entity, if any.
  - `project_number`**Type**: `STRING`**Provider name**: `projectNumber`**Description**: The project number.
  - `team`**Type**: `STRING`**Provider name**: `team`**Description**: The team.
- `role`**Type**: `STRING`**Provider name**: `role`**Description**: The access permission for the entity.
- `self_link`**Type**: `STRING`**Provider name**: `selfLink`**Description**: The link to this access-control entry.

## `encryption`{% #encryption %}

**Type**: `STRUCT`**Provider name**: `encryption`**Description**: Encryption configuration for a bucket.

- `default_kms_key_name`**Type**: `STRING`**Provider name**: `defaultKmsKeyName`**Description**: A Cloud KMS key that will be used to encrypt objects inserted into this bucket, if no encryption method is specified.

## `etag`{% #etag %}

**Type**: `STRING`**Provider name**: `etag`**Description**: HTTP 1.1 Entity tag for the bucket.

## `iam_configuration`{% #iam_configuration %}

**Type**: `STRUCT`**Provider name**: `iamConfiguration`**Description**: The bucket's IAM configuration.

- `bucket_policy_only`**Type**: `STRUCT`**Provider name**: `bucketPolicyOnly`**Description**: The bucket's uniform bucket-level access configuration. The feature was formerly known as Bucket Policy Only. For backward compatibility, this field will be populated with identical information as the uniformBucketLevelAccess field. We recommend using the uniformBucketLevelAccess field to enable and disable the feature.
  - `enabled`**Type**: `BOOLEAN`**Provider name**: `enabled`**Description**: If set, access is controlled only by bucket-level or above IAM policies.
  - `locked_time`**Type**: `TIMESTAMP`**Provider name**: `lockedTime`**Description**: The deadline for changing iamConfiguration.bucketPolicyOnly.enabled from true to false in RFC 3339 format. iamConfiguration.bucketPolicyOnly.enabled may be changed from true to false until the locked time, after which the field is immutable.
- `public_access_prevention`**Type**: `STRING`**Provider name**: `publicAccessPrevention`**Description**: The bucket's Public Access Prevention configuration. Currently, 'inherited' and 'enforced' are supported.
- `uniform_bucket_level_access`**Type**: `STRUCT`**Provider name**: `uniformBucketLevelAccess`**Description**: The bucket's uniform bucket-level access configuration.
  - `enabled`**Type**: `BOOLEAN`**Provider name**: `enabled`**Description**: If set, access is controlled only by bucket-level or above IAM policies.
  - `locked_time`**Type**: `TIMESTAMP`**Provider name**: `lockedTime`**Description**: The deadline for changing iamConfiguration.uniformBucketLevelAccess.enabled from true to false in RFC 3339 format. iamConfiguration.uniformBucketLevelAccess.enabled may be changed from true to false until the locked time, after which the field is immutable.

## `id`{% #id %}

**Type**: `STRING`**Provider name**: `id`**Description**: The ID of the bucket. For buckets, the id and name properties are the same.

## `kind`{% #kind %}

**Type**: `STRING`**Provider name**: `kind`**Description**: The kind of item this is. For buckets, this is always storage#bucket.

## `labels`{% #labels %}

**Type**: `UNORDERED_LIST_STRING`

## `lifecycle`{% #lifecycle %}

**Type**: `STRUCT`**Provider name**: `lifecycle`**Description**: The bucket's lifecycle configuration. See lifecycle management for more information.

- `rule`**Type**: `UNORDERED_LIST_STRUCT`**Provider name**: `rule`**Description**: A lifecycle management rule, which is made of an action to take and the condition(s) under which the action will be taken.
  - `action`**Type**: `STRUCT`**Provider name**: `action`**Description**: The action to take.
    - `storage_class`**Type**: `STRING`**Provider name**: `storageClass`**Description**: Target storage class. Required iff the type of the action is SetStorageClass.
    - `type`**Type**: `STRING`**Provider name**: `type`**Description**: Type of the action. Currently, only Delete, SetStorageClass, and AbortIncompleteMultipartUpload are supported.
  - `condition`**Type**: `STRUCT`**Provider name**: `condition`**Description**: The condition(s) under which the action will be taken.
    - `age`**Type**: `INT32`**Provider name**: `age`**Description**: Age of an object (in days). This condition is satisfied when an object reaches the specified age.
    - `created_before`**Type**: `TIMESTAMP`**Provider name**: `createdBefore`**Description**: A date in RFC 3339 format with only the date part (for instance, "2013-01-15"). This condition is satisfied when an object is created before midnight of the specified date in UTC.
    - `custom_time_before`**Type**: `TIMESTAMP`**Provider name**: `customTimeBefore`**Description**: A date in RFC 3339 format with only the date part (for instance, "2013-01-15"). This condition is satisfied when the custom time on an object is before this date in UTC.
    - `days_since_custom_time`**Type**: `INT32`**Provider name**: `daysSinceCustomTime`**Description**: Number of days elapsed since the user-specified timestamp set on an object. The condition is satisfied if the days elapsed is at least this number. If no custom timestamp is specified on an object, the condition does not apply.
    - `days_since_noncurrent_time`**Type**: `INT32`**Provider name**: `daysSinceNoncurrentTime`**Description**: Number of days elapsed since the noncurrent timestamp of an object. The condition is satisfied if the days elapsed is at least this number. This condition is relevant only for versioned objects. The value of the field must be a nonnegative integer. If it's zero, the object version will become eligible for Lifecycle action as soon as it becomes noncurrent.
    - `is_live`**Type**: `BOOLEAN`**Provider name**: `isLive`**Description**: Relevant only for versioned objects. If the value is true, this condition matches live objects; if the value is false, it matches archived objects.
    - `matches_pattern`**Type**: `STRING`**Provider name**: `matchesPattern`**Description**: A regular expression that satisfies the RE2 syntax. This condition is satisfied when the name of the object matches the RE2 pattern. Note: This feature is currently in the "Early Access" launch stage and is only available to a whitelisted set of users; that means that this feature may be changed in backward-incompatible ways and that it is not guaranteed to be released.
    - `matches_prefix`**Type**: `UNORDERED_LIST_STRING`**Provider name**: `matchesPrefix`**Description**: List of object name prefixes. This condition will be satisfied when at least one of the prefixes exactly matches the beginning of the object name.
    - `matches_storage_class`**Type**: `UNORDERED_LIST_STRING`**Provider name**: `matchesStorageClass`**Description**: Objects having any of the storage classes specified by this condition will be matched. Values include MULTI_REGIONAL, REGIONAL, NEARLINE, COLDLINE, ARCHIVE, STANDARD, and DURABLE_REDUCED_AVAILABILITY.
    - `matches_suffix`**Type**: `UNORDERED_LIST_STRING`**Provider name**: `matchesSuffix`**Description**: List of object name suffixes. This condition will be satisfied when at least one of the suffixes exactly matches the end of the object name.
    - `noncurrent_time_before`**Type**: `TIMESTAMP`**Provider name**: `noncurrentTimeBefore`**Description**: A date in RFC 3339 format with only the date part (for instance, "2013-01-15"). This condition is satisfied when the noncurrent time on an object is before this date in UTC. This condition is relevant only for versioned objects.
    - `num_newer_versions`**Type**: `INT32`**Provider name**: `numNewerVersions`**Description**: Relevant only for versioned objects. If the value is N, this condition is satisfied when there are at least N versions (including the live version) newer than this version of the object.

## `location`{% #location %}

**Type**: `STRING`**Provider name**: `location`**Description**: The location of the bucket. Object data for objects in the bucket resides in physical storage within this region. Defaults to US. See the developer's guide for the authoritative list.

## `location_type`{% #location_type %}

**Type**: `STRING`**Provider name**: `locationType`**Description**: The type of the bucket location.

## `logging`{% #logging %}

**Type**: `STRUCT`**Provider name**: `logging`**Description**: The bucket's logging configuration, which defines the destination bucket and optional name prefix for the current bucket's logs.

- `log_bucket`**Type**: `STRING`**Provider name**: `logBucket`**Description**: The destination bucket where the current bucket's logs should be placed.
- `log_object_prefix`**Type**: `STRING`**Provider name**: `logObjectPrefix`**Description**: A prefix for log object names.

## `metageneration`{% #metageneration %}

**Type**: `INT64`**Provider name**: `metageneration`**Description**: The metadata generation of this bucket.

## `name`{% #name %}

**Type**: `STRING`**Provider name**: `name`**Description**: The name of the bucket.

## `organization_id`{% #organization_id %}

**Type**: `STRING`

## `owner`{% #owner %}

**Type**: `STRUCT`**Provider name**: `owner`**Description**: The owner of the bucket. This is always the project team's owner group.

- `entity`**Type**: `STRING`**Provider name**: `entity`**Description**: The entity, in the form project-owner-projectId.
- `entity_id`**Type**: `STRING`**Provider name**: `entityId`**Description**: The ID for the entity.

## `parent`{% #parent %}

**Type**: `STRING`

## `project_id`{% #project_id %}

**Type**: `STRING`

## `project_number`{% #project_number %}

**Type**: `STRING`

## `region_id`{% #region_id %}

**Type**: `STRING`

## `resource_name`{% #resource_name %}

**Type**: `STRING`

## `retention_policy`{% #retention_policy %}

**Type**: `STRUCT`**Provider name**: `retentionPolicy`**Description**: The bucket's retention policy. The retention policy enforces a minimum retention time for all objects contained in the bucket, based on their creation time. Any attempt to overwrite or delete objects younger than the retention period will result in a PERMISSION_DENIED error. An unlocked retention policy can be modified or removed from the bucket via a storage.buckets.update operation. A locked retention policy cannot be removed or shortened in duration for the lifetime of the bucket. Attempting to remove or decrease period of a locked retention policy will result in a PERMISSION_DENIED error.

- `effective_time`**Type**: `TIMESTAMP`**Provider name**: `effectiveTime`**Description**: Server-determined value that indicates the time from which policy was enforced and effective. This value is in RFC 3339 format.
- `is_locked`**Type**: `BOOLEAN`**Provider name**: `isLocked`**Description**: Once locked, an object retention policy cannot be modified.
- `retention_period`**Type**: `INT64`**Provider name**: `retentionPeriod`**Description**: The duration in seconds that objects need to be retained. Retention duration must be greater than zero and less than 100 years. Note that enforcement of retention periods less than a day is not guaranteed. Such periods should only be used for testing purposes.

## `rpo`{% #rpo %}

**Type**: `STRING`**Provider name**: `rpo`**Description**: The Recovery Point Objective (RPO) of this bucket. Set to ASYNC_TURBO to turn on Turbo Replication on a bucket.

## `satisfies_pzs`{% #satisfies_pzs %}

**Type**: `BOOLEAN`**Provider name**: `satisfiesPZS`**Description**: Reserved for future use.

## `self_link`{% #self_link %}

**Type**: `STRING`**Provider name**: `selfLink`**Description**: The URI of this bucket.

## `storage_class`{% #storage_class %}

**Type**: `STRING`**Provider name**: `storageClass`**Description**: The bucket's default storage class, used whenever no storageClass is specified for a newly-created object. This defines how objects in the bucket are stored and determines the SLA and the cost of storage. Values include MULTI_REGIONAL, REGIONAL, STANDARD, NEARLINE, COLDLINE, ARCHIVE, and DURABLE_REDUCED_AVAILABILITY. If this value is not specified when the bucket is created, it will default to STANDARD. For more information, see storage classes.

## `tags`{% #tags %}

**Type**: `UNORDERED_LIST_STRING`

## `time_created`{% #time_created %}

**Type**: `TIMESTAMP`**Provider name**: `timeCreated`**Description**: The creation time of the bucket in RFC 3339 format.

## `updated`{% #updated %}

**Type**: `TIMESTAMP`**Provider name**: `updated`**Description**: The modification time of the bucket in RFC 3339 format.

## `versioning`{% #versioning %}

**Type**: `STRUCT`**Provider name**: `versioning`**Description**: The bucket's versioning configuration.

- `enabled`**Type**: `BOOLEAN`**Provider name**: `enabled`**Description**: While set to true, versioning is fully enabled for this bucket.

## `website`{% #website %}

**Type**: `STRUCT`**Provider name**: `website`**Description**: The bucket's website configuration, controlling how the service behaves when accessing bucket contents as a web site. See the Static Website Examples for more information.

- `main_page_suffix`**Type**: `STRING`**Provider name**: `mainPageSuffix`**Description**: If the requested object path is missing, the service will ensure the path has a trailing '/', append this suffix, and attempt to retrieve the resulting object. This allows the creation of index.html objects to represent directory pages.
- `not_found_page`**Type**: `STRING`**Provider name**: `notFoundPage`**Description**: If the requested object path is missing, and any mainPageSuffix object is missing, if applicable, the service will return the named object from this bucket as the content for a 404 Not Found result.

## `zone_id`{% #zone_id %}

**Type**: `STRING`